Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/Zc_qN5yV7C6_iTqYnxgWkO668II.roa
File: Zc_qN5yV7C6_iTqYnxgWkO668II.roa (raw, json)
Hash identifier: ncyOJecAb5Awx5nOSLBNEEc0M4qEwU/5XUkA9Xs683c=
Subject key identifier: 65:CF:EA:37:9C:95:EC:2E:BF:89:3A:98:9F:18:16:90:EE:BA:F0:82
Certificate issuer: /CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Certificate serial: 018CC871372856FBF2011C0E8D4126554031
Authority key identifier: B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/Zc_qN5yV7C6_iTqYnxgWkO668II.roa
Signing time: Tue 02 Jan 2024 04:31:51 +0000
ROA not before: Tue 02 Jan 2024 04:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25454
IP address blocks: 217.12.112.0/20 maxlen: 24
185.8.68.0/22 maxlen: 22
94.243.64.0/18 maxlen: 24
212.56.192.0/19 maxlen: 24
185.167.132.0/22 maxlen: 24
188.131.0.0/17 maxlen: 24
77.89.192.0/18 maxlen: 24
46.166.0.0/18 maxlen: 24
193.239.182.0/23 maxlen: 24
195.22.224.0/19 maxlen: 24
2a00:1858::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Jan 2024 15:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:37:28:56:fb:f2:01:1c:0e:8d:41:26:55:40:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Validity
Not Before: Jan 2 04:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65cfea379c95ec2ebf893a989f181690eebaf082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:59:72:16:08:eb:e1:46:1a:e4:82:bc:b4:22:
e7:53:48:76:28:f1:3f:ab:6c:58:cd:97:3d:0f:ea:
49:8e:71:21:65:a0:65:fa:c7:bd:67:76:7d:25:8d:
60:0e:eb:e2:c1:06:a0:ec:01:58:83:b9:a6:a6:57:
ff:63:cd:cf:7f:bf:84:f6:39:0f:f5:56:1d:b7:e1:
29:db:a4:d2:36:e1:4a:2d:a0:b0:32:71:0e:83:36:
48:25:65:7c:db:b4:bd:09:a2:fa:4a:82:7d:cf:8a:
f6:0c:95:02:c7:64:19:1a:ed:82:f8:aa:ce:54:28:
f1:b8:2f:46:1c:8d:ad:fc:2b:02:12:f6:7c:9c:1b:
3f:48:36:6f:55:b8:cb:4c:1d:6f:e0:ba:a8:84:72:
d2:61:4b:0a:d6:1f:c1:d5:7b:01:99:9a:b1:29:0e:
7c:89:b4:eb:57:97:67:be:96:dd:db:f9:e9:aa:6a:
4e:3b:d3:15:59:f6:2d:78:26:83:14:ac:08:5c:90:
6d:ab:61:98:1b:34:30:2f:59:2b:49:b0:00:9c:a7:
eb:30:74:ab:05:49:14:fb:df:ab:a1:5b:ad:b0:22:
55:d0:6c:06:f6:a0:12:1b:e9:8c:83:7d:63:db:b8:
e9:c9:33:bd:30:3c:75:55:53:01:7d:29:d8:60:43:
e8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:CF:EA:37:9C:95:EC:2E:BF:89:3A:98:9F:18:16:90:EE:BA:F0:82
X509v3 Authority Key Identifier:
keyid:B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/Zc_qN5yV7C6_iTqYnxgWkO668II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.166.0.0/18
77.89.192.0/18
94.243.64.0/18
185.8.68.0/22
185.167.132.0/22
188.131.0.0/17
193.239.182.0/23
195.22.224.0/19
212.56.192.0/19
217.12.112.0/20
IPv6:
2a00:1858::/32
Signature Algorithm: sha256WithRSAEncryption
98:fa:97:d4:04:dd:d2:47:d1:24:eb:d4:21:83:b4:ac:8f:68:
4f:50:c1:72:ee:06:03:12:aa:8d:87:bb:9f:60:10:81:a5:fc:
2e:35:00:5c:75:38:84:94:42:ca:9b:19:16:06:75:67:e6:f1:
05:ea:19:a4:e8:f2:1e:11:47:ba:6d:ed:de:e7:f4:44:b1:07:
d0:65:00:12:5e:ee:19:60:aa:d8:a5:62:ea:87:e8:79:c1:62:
0c:d2:7f:9f:00:74:22:35:a5:6a:67:6a:f2:62:e7:cd:87:b4:
1d:4f:43:a3:d1:2e:11:fa:02:1e:27:97:1f:d3:14:4c:5a:50:
f0:60:5c:0e:c5:86:57:80:f3:87:f8:00:31:97:54:fc:c1:9a:
22:bf:86:07:5e:32:13:4a:83:7f:d9:f8:db:e4:19:7b:11:83:
40:8d:25:52:3b:e1:a7:c6:85:a3:72:f6:87:c1:a0:bf:dc:fc:
41:96:35:5c:72:05:36:25:83:ad:d5:5e:13:29:49:7b:5b:c5:
e0:5a:2e:4a:2e:3c:0e:0a:f8:59:d6:39:ec:a9:be:58:35:37:
bf:e2:05:7d:23:4a:5c:c6:b8:dc:fb:40:31:b0:49:a5:9c:de:
5b:87:7c:d7:d6:84:75:0f:7b:07:3a:4a:04:a3:e8:a7:4a:1a:
8c:2a:7e:ea
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzIcTcoVvvyARwOjUEmVUAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwM2MzMDJjMmY1MjI3N2UzZDBhYjY4NDJmNjhhYTVmOGQw
ZDc3ODcwHhcNMjQwMTAyMDQzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWNmZWEzNzljOTVlYzJlYmY4OTNhOTg5ZjE4MTY5MGVlYmFmMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFlyFgjr4UYa5IK8tCLnU0h2KPE/
q2xYzZc9D+pJjnEhZaBl+se9Z3Z9JY1gDuviwQag7AFYg7mmplf/Y83Pf7+E9jkP
9VYdt+Ep26TSNuFKLaCwMnEOgzZIJWV827S9CaL6SoJ9z4r2DJUCx2QZGu2C+KrO
VCjxuC9GHI2t/CsCEvZ8nBs/SDZvVbjLTB1v4LqohHLSYUsK1h/B1XsBmZqxKQ58
ibTrV5dnvpbd2/npqmpOO9MVWfYteCaDFKwIXJBtq2GYGzQwL1krSbAAnKfrMHSr
BUkU+9+roVutsCJV0GwG9qASG+mMg31j27jpyTO9MDx1VVMBfSnYYEPocQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFGXP6jeclewuv4k6mJ8YFpDuuvCCMB8GA1UdIwQY
MBaAFLA8MCwvUid+PQq2hC9oql+NDXeHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2Et
NmY3MDI0YzNhYWQ3LzEvWmNfcU41eVY3QzZfaVRxWW54Z1drTzY2OElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2EtNmY3MDI0YzNhYWQ3
LzEvc0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQGLqYAAwQG
TVnAAwQGXvNAAwQCuQhEAwQCuaeEAwQHvIMAAwQBwe+2AwQFwxbgAwQF1DjAAwQE
2QxwMA0EAgACMAcDBQAqABhYMA0GCSqGSIb3DQEBCwUAA4IBAQCY+pfUBN3SR9Ek
69Qhg7Ssj2hPUMFy7gYDEqqNh7ufYBCBpfwuNQBcdTiElELKmxkWBnVn5vEF6hmk
6PIeEUe6be3e5/REsQfQZQASXu4ZYKrYpWLqh+h5wWIM0n+fAHQiNaVqZ2ryYufN
h7QdT0Oj0S4R+gIeJ5cf0xRMWlDwYFwOxYZXgPOH+AAxl1T8wZoiv4YHXjITSoN/
2fjb5Bl7EYNAjSVSO+GnxoWjcvaHwaC/3PxBljVccgU2JYOt1V4TKUl7W8XgWi5K
LjwOCvhZ1jnsqb5YNTe/4gV9I0pcxrjc+0AxsEmlnN5bh3zX1oR1D3sHOkoEo+in
ShqMKn7q
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:52:01 2025 by rpki-client